CAN (Controller Area Network) has been employed as an in-vehicle network. A CAN network provides a diagnostic port, called an OBD2 port, which can receive messages flowing on the network and transmit messages onto the network.
Because the OBD2 port is a direct-connection interface that performs no filtering or similar processing of messages, there is a risk of a replay attack when a malicious device is connected to it. A replay attack here means intercepting a message flowing on the network, storing its contents, and resending the stored message so as to cause invalid operation. It should be noted that even if the malicious device does not know the contents of the message, it can figure out the intent of the message when the vehicle behavior after the transmission of the message is known to the device.
As a technique to prevent such a replay attack, embedding a message authentication code (MAC) in CAN messages has been proposed (Non-Patent Document 1). According to this proposal, a 64-bit MAC is produced from the data fields (64×4=256 bits) contained in four CAN messages, that is, the N-th to N+3rd CAN messages, as illustrated in FIG. 11. This MAC is divided into four pieces of 16 bits each, which are embedded in the CRC fields (16 bits) of four CAN messages, that is, the N+4th to N+7th CAN messages, and transmitted.
The reception side acquires the MAC from the CRC fields of the N+4th to N+7th CAN messages, and determines whether the N-th to N+3rd CAN messages are valid according to whether that MAC matches the MAC produced from the N-th to N+3rd data fields. When the MAC obtained from the CRC fields differs from the MAC calculated from the data fields, it is possible to determine that at least one of the N-th to N+3rd CAN messages is invalid.
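The sender and receiver sides of the compound-MAC scheme described above, as an added example that is not code from this document or from Non-Patent Document 1. The MAC algorithm (HMAC-SHA256 truncated to 64 bits), the key, the frame model as (data field, CRC field) pairs and all function names are assumptions; the sample data fields are constructed.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"  # assumption: pre-shared key, constructed for this example

def compound_mac(data_fields, key=KEY):
    # 64-bit MAC over the four 64-bit data fields of messages N..N+3.
    # Assumption: HMAC-SHA256 truncated to 8 bytes; the text names no algorithm.
    if len(data_fields) != 4 or any(len(d) != 8 for d in data_fields):
        raise ValueError("expected four 8-byte data fields")
    return hmac.new(key, b"".join(data_fields), hashlib.sha256).digest()[:8]

def sender(block, following, key=KEY):
    # Frames are modelled as (data_field, crc_field) pairs.
    # N..N+3: CRC field not modelled (None). N+4..N+7: one 16-bit MAC piece each.
    mac = compound_mac(block, key)
    pieces = [int.from_bytes(mac[i:i + 2], "big") for i in range(0, 8, 2)]
    return [(d, None) for d in block] + list(zip(following, pieces))

def receiver(frames, key=KEY):
    # Rebuild the MAC from the CRC fields of N+4..N+7 and compare it with the
    # MAC recomputed from the data fields of N..N+3.
    if len(frames) != 8:
        raise ValueError("expected frames N..N+7")
    received = b"".join(crc.to_bytes(2, "big") for _, crc in frames[4:])
    expected = compound_mac([d for d, _ in frames[:4]], key)
    return hmac.compare_digest(received, expected)

# Constructed sample data fields (8 bytes each).
BLOCK = [bytes([n]) * 8 for n in range(1, 5)]
FOLLOWING = [bytes([n]) * 8 for n in range(5, 9)]

def demo():
    frames = sender(BLOCK, FOLLOWING)
    ok = receiver(frames)
    # A device without the key rewrites the data field of message N+2.
    forged = list(frames)
    forged[2] = (b"\xff" * 8, None)
    # A corrupted MAC piece in the CRC field of N+5 also fails the check.
    bad_piece = list(frames)
    bad_piece[5] = (frames[5][0], frames[5][1] ^ 0x0001)
    return ok, receiver(forged), receiver(bad_piece)

if __name__ == "__main__":
    print(demo())
```

The receiver can only decide after message N+7 has arrived, and a mismatch does not identify which of the N-th to N+3rd messages was altered.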
Non-Patent Document 1: D. K. Nilsson, U. E. Larson, E. Jonsson, “Efficient In-Vehicle Delayed Data Authentication Based on Compound Message Authentication Codes”, IEEE 68th VTC 2008-Fall, 2008, 1-5